1
PublicDateAtUSN: 2014-04-29
2
Candidate: CVE-2014-1525
5
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1525
6
http://www.mozilla.org/security/announce/2014/mfsa2014-39.html
7
https://usn.ubuntu.com/usn/usn-2185-1
9
The mozilla::dom::TextTrack::AddCue function in Mozilla Firefox before 29.0
10
and SeaMonkey before 2.26 does not properly perform garbage collection for
11
Text Track Manager variables, which allows remote attackers to execute
12
arbitrary code or cause a denial of service (use-after-free and heap memory
13
corruption) via a crafted VIDEO element in an HTML document.
19
Assigned-to: chrisccoulson
22
upstream_firefox: released (29.0)
23
lucid_firefox: ignored (reached end-of-life)
24
precise_firefox: released (29.0+build1-0ubuntu0.12.04.2)
25
quantal_firefox: released (29.0+build1-0ubuntu0.12.10.3)
26
saucy_firefox: released (29.0+build1-0ubuntu0.13.10.3)
27
trusty_firefox: released (29.0+build1-0ubuntu0.14.04.2)
28
devel_firefox: not-affected (29.0+build1-0ubuntu0.14.04.2)